From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.droids-corp.org (zoll.droids-corp.org [94.23.50.67]) by dpdk.org (Postfix) with ESMTP id 77A39B4C0 for ; Fri, 13 Feb 2015 15:05:58 +0100 (CET) Received: from was59-1-82-226-113-214.fbx.proxad.net ([82.226.113.214] helo=[192.168.0.10]) by mail.droids-corp.org with esmtpsa (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from ) id 1YMGw7-0004mx-RH; Fri, 13 Feb 2015 15:09:46 +0100 Message-ID: <54DE04B8.6080708@6wind.com> Date: Fri, 13 Feb 2015 15:05:44 +0100 From: Olivier MATZ User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.3.0 MIME-Version: 1.0 To: Neil Horman , Cunming Liang References: <1423728996-3004-1-git-send-email-cunming.liang@intel.com> <1423791501-1555-1-git-send-email-cunming.liang@intel.com> <1423791501-1555-5-git-send-email-cunming.liang@intel.com> <20150213134933.GA13495@neilslaptop.think-freely.org> In-Reply-To: <20150213134933.GA13495@neilslaptop.think-freely.org> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Cc: dev@dpdk.org Subject: Re: [dpdk-dev] [PATCH v6 04/19] eal: fix wrong strnlen() return value in 32bit icc X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Feb 2015 14:05:58 -0000 Hi Neil, On 02/13/2015 02:49 PM, Neil Horman wrote: > On Fri, Feb 13, 2015 at 09:38:06AM +0800, Cunming Liang wrote: >> The problem is that strnlen() here may return invalid value with 32bit icc. >> (actually it returns it’s second parameter,e.g: sysconf(_SC_ARG_MAX)). >> It starts to manifest hwen max_len parameter is > 2M and using icc –m32 –O2 (or above). >> >> Suggested-by: Konstantin Ananyev >> Signed-off-by: Cunming Liang >> --- >> v5 changes: >> using strlen instead of strnlen. >> >> lib/librte_eal/common/eal_common_options.c | 6 +++--- >> 1 file changed, 3 insertions(+), 3 deletions(-) >> >> diff --git a/lib/librte_eal/common/eal_common_options.c b/lib/librte_eal/common/eal_common_options.c >> index 178e303..9cf2faa 100644 >> --- a/lib/librte_eal/common/eal_common_options.c >> +++ b/lib/librte_eal/common/eal_common_options.c >> @@ -167,7 +167,7 @@ eal_parse_coremask(const char *coremask) >> if (coremask[0] == '0' && ((coremask[1] == 'x') >> || (coremask[1] == 'X'))) >> coremask += 2; >> - i = strnlen(coremask, PATH_MAX); >> + i = strlen(coremask); > This is crash prone. If coremask is passed in without a trailing null pointer, > strlen will return a huge value that can overrun the array. We discussed that in a previous thread: http://dpdk.org/ml/archives/dev/2015-February/012552.html coremask is always a valid nul-terminated string as it comes from argv[] table. It is not a memory fragment that is controlled by a user, so I don't think using strnlen() instead of strlen() would solve any issue. Regards, Olivier